Security Affairs

JUNE 22, 2020

Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. ” The analysis of Omar Radi’s iPhone suggests network injection attacks took place on 27 th January, 11 th February, and 13 th of September 2019. .”

Spyware 113

Spyware Surveillance Mobile Advertising 113

Security Affairs

OCTOBER 11, 2021

A Togolese human rights advocate was hit by mobile spyware that has been allegedly developed by an Indian firm called Innefu Labs. Experts believe the attackers used a spyware developed by an Indian company called Innefu Labs. In the past, the Donot Team spyware was found in attacks outside of South Asia. Pierluigi Paganini.

Spyware 82

Spyware Surveillance Accountability Mobile 82

Security Affairs

JUNE 17, 2022

Experts uncovered an enterprise-grade surveillance malware dubbed Hermit used to target individuals in Kazakhstan, Syria, and Italy since 2019. Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country.

Spyware 77

Spyware Surveillance Telecommunications Mobile 77

Security Affairs

DECEMBER 21, 2020

Tens of Al Jazeera employees were targeted in a cyber espionage campaign leveraging a zero-click iOS zero-day vulnerability to hack their iPhones. Researchers from Citizen Lab reported that at least 36 Al Jazeera employees were targeted in a cyber espionage campaign leveraging a zero-click iOS zero-day vulnerability to hack their iPhones.

Hacking 132

Hacking Surveillance Spyware Government 132

Security Affairs

JULY 11, 2019

Malware researchers from Kaspersky have discovered new and improved versions of the infamous FinFisher spyware used to infect both Android and iOS devices. Experts at Kaspersky have discovered a new improved variant of the FinFisher spyware used to spy on both iOS and Android users in 20 countries. Pierluigi Paganini.

Spyware 99

Spyware Mobile Advertising Architecture 99

Security Affairs

SEPTEMBER 27, 2020

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. The binaries are obfuscated and do some checks to detect if the spyware is running in a Virtual Machine. SecurityAffairs – hacking, FinSpy). Pierluigi Paganini.

Spyware 140

Spyware Surveillance Mobile Advertising 140

Security Affairs

APRIL 13, 2022

One of the officials targeted with the infamous spyware there is Didier Reynders, a senior Belgian statesman who has served as the European Justice Commissioner since 2019. ” Security researchers said that Apple sent the warnings to its users targeted between February and September 2021. ” concludes the report.

Surveillance 92

Surveillance Software Spyware Hacking 92

Security Affairs

FEBRUARY 6, 2022

One of the vulnerabilities in Apple iOS that was previously exploited by the spyware developed by the Israeli company NSO Group was also separately used by another surveillance firm named QuaDream. Apple addressed the flaw used by the ForcedEntry exploit in September 2021, rendering both NSO and QuaDream’s spyware ineffective.

Surveillance 94

Surveillance Spyware Government Hacking 94

Security Affairs

JUNE 24, 2022

Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on users. CVE-2019-8605 internally referred to as SockPort2 and publicly known as SockPuppet CVE-2020-3837 internally referred to and publicly known as TimeWaste. SecurityAffairs – hacking, RCS Labs).

Surveillance 113

Surveillance Mobile Spyware Telecommunications 113

Security Affairs

OCTOBER 14, 2020

The authorities started the investigation last year after the German blog Netzpolitik and some advocacy groups (Reporters Without Borders, Society for Freedom Rights, and the European Center for Constitutional and Human Rights), filed a complaint with Munich prosecutors in the summer of 2019. SecurityAffairs – hacking, K-Electric).

Surveillance 112

Surveillance Spyware Software Advertising 112

Security Affairs

MARCH 7, 2021

In the last years, security experts documented multiple hacking and disinformation campaigns, attributed to Russia-linked APT groups, that targeted Lithuania, Estonia , and Latvia. The head of cyber security Rimtautas Cerniauskas confirmed the discovery of at least three Russian spyware on government computers since 2015.

Spyware 130

Spyware Cyber Attacks Government Hacking 130

Security Affairs

AUGUST 30, 2019

Google researchers discovered that iPhone devices could be hacked by tricking owners into visiting specially crafted websites. Researchers at Google Project Zero discovered that it was possible to hack iPhone devices by visiting specially crafted websites. — Ben Hawkes (@benhawkes) February 7, 2019. Apple iOS 12.1.4

Spyware 88

Spyware Hacking Advertising Encryption 88

Security Affairs

OCTOBER 5, 2020

A China-linked threat actor used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea. The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware.

Firmware 126

Firmware Spyware Surveillance Hacking 126

Security Affairs

SEPTEMBER 12, 2019

“The main Simjacker attack involves an SMS containing a specific type of spyware-like code being sent to a mobile phone, which then instructs the SIM Card within the phone to ‘take over’ the mobile phone to retrieve and perform sensitive commands.” SecurityAffairs – SimJacker, hacking). ” continues the post.

Hacking 106

Hacking Mobile Spyware Manufacturing 106

Security Affairs

SEPTEMBER 24, 2023

In 2016, researchers from the non-profit organization CitizenLab published a report that describes a campaign of targeted spyware attacks carried out by the Stealth Falcon. The attacks have been conducted from 2012 until 2106, against Emirati journalists, activists, and dissidents.

Spyware 118

Spyware Malware Architecture Encryption 118

Security Affairs

APRIL 8, 2023

The CVE-2023-26083 flaw in the Arm Mali GPU driver is chained with other issues to install commercial spyware, as reported by Google’s Threat Analysis Group (TAG) in a recent report. Mandiant researchers first observed this affiliate targeting Veritas issues in the wild on October 22, 2022.

Backups 80

Backups Spyware Ransomware Education 80

Security Affairs

SEPTEMBER 18, 2020

Every third email, meanwhile, contained spyware , which is used by threat actors to steal payment data or other sensitive info to then put it on sale in the darknet or blackmail its owner. Another 17 percent contained downloaders, while backdoors and banking Trojans came third with a 16- and 15-percent shares, respectively.

Phishing 103

Phishing Ransomware Spyware Banking 103

Security Affairs

FEBRUARY 14, 2021

SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 301 appeared first on Security Affairs. If you want to also receive for free the international press subscribe here. COMB breach: 3.2B COMB breach: 3.2B COMB breach: 3.2B Pierluigi Paganini.

Spyware 89

Spyware Phishing Data breaches Surveillance 89

Security Affairs

APRIL 11, 2021

The fight to the Joker malware (aka Bread) begun in September 2019 when security experts at Google removed from the official Play Store 24 apps because they were infected with a new spyware tracked as “ the Joker. ”. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. Pierluigi Paganini.

Malware 141

Malware Spyware Mobile Antivirus 141

Security Affairs

JUNE 22, 2023

Recently, Kaspersky researchers dug into Operation Triangulation and discovered more details about the exploit chain employed to deliver the spyware to iOS devices. According to Kaspersky researchers, Operation Triangulation began at least in 2019 and is still ongoing. The list of Apple security updates is available here.

Spyware 83

Spyware Mobile Hacking Information Security 83

Security Affairs

JULY 16, 2021

The spyware is able to steal SMS messages, contact lists, and device information and to sign victims up for premium service subscriptions. Since 2019 experts found many Joker apps on Google Play store, in September 2019 security experts at Google removed from the store 24 apps. Pierluigi Paganini.

Malware 139

Malware Mobile Spyware Encryption 139

Security Affairs

OCTOBER 19, 2020

Researchers spotted new variants of the Windows GravityRAT spyware that now can also infect Android and macOS devices. The malware researchers found the new Android GravityRAT sample in 2019, on VirusTotal. SecurityAffairs – hacking, GravityRAT ). Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware 114

Malware Computers and Electronics Spyware Advertising 114

Security Affairs

APRIL 8, 2020

In October 2019, WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. In May, Facebook has patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device.

Surveillance 101

Surveillance Spyware Advertising Government 101

Security Affairs

APRIL 28, 2020

In 2019, researchers from Dr. Web discovered a backdoor trojan in Google Play, which appeared different from other threats due to its level of sophistication for this reason Kaspersky investigated it. . “One of the latest samples was published on the official Android market on November 6, 2019. Pierluigi Paganini.

Malware 106

Malware Advertising Spyware Marketing 106

Security Affairs

SEPTEMBER 15, 2019

Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Experts found Joker Spyware in 24 apps in the Google Play store. Million of Telestar Digital GmbH IoT radio devices can be remotely hacked. Once again thank you!

Spyware 56

Spyware Advertising Hacking IoT 56

Security Affairs

NOVEMBER 17, 2019

ZoneAlarm forum site hack exposed data of thousands of users. Microsoft Patch Tuesday updates fix CVE-2019-1429 flaw exploited in the wild. CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking. The Australian Parliament was hacked earlier this year. WhatsApp flaw CVE-2019-11931 could be exploited to install spyware.

DDOS 52

DDOS Spyware Advertising Ransomware 52

Security Affairs

JULY 13, 2019

Experts uncovered a new Magecart campaign that hacked over 960 stores. UK ICO fines British Airways £183 Million under GDPR over 2018 security breach. Adobe Patch Tuesday updates for July 2019 address only 5 minor flaws. Microsoft released Patch Tuesday security updates for July 2019.

Data breaches 52

Data breaches Spyware Advertising Government 52

Security Affairs

OCTOBER 13, 2019

US will help Baltic states to secure baltic energy grid. Developer hacked back Muhstik ransomware crew and released keys. MS October 2019 Patch Tuesday updates address 59 flaws. Users reported problems with patches for CVE-2019-1367 IE zero-day. SAP October 2019 Security Patch Day fixes 2 critical flaws.

VPN 55

VPN Spyware Data breaches Advertising 55

Security Affairs

JUNE 18, 2020

Security researchers at ESET recently uncovered a campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations in the military sector and diplomatic missions in Eastern Europe. SecurityAffairs – hacking, InvisiMole). Pierluigi Paganini.

DNS 81

DNS Advertising Spyware Software 81

Security Affairs

NOVEMBER 8, 2019

Recently, researchers warned of the first mass-hacking campaign exploiting the BlueKeep exploit , the attack aimed at installing a cryptocurrency miner on the infected systems. pic.twitter.com/VdiKoqAwkr — Kevin Beaumont (@GossiTheDog) November 2, 2019. huh, the EternalPot RDP honeypots have all started BSOD'ing recently.

Penetration Testing 65

Penetration Testing Malware Advertising Spyware 65

Security Affairs

JULY 16, 2020

The source code of the Xerxes malware was leaked online around May 2019. SecurityAffairs – hacking, BlackRock malware). The post New Android BlackRock malware targets hundreds of apps appeared first on Security Affairs. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware 90

Malware Banking Mobile Spyware 90

Security Affairs

OCTOBER 27, 2019

Robots at HIS Group are vulnerable to hack. Swedish Government grants police the use of spyware against violent crime suspects. Texas man sentenced to 145 months in federal prison for hacking Los Angeles Superior Court. CVE-2019-11043 exposes Web servers using nginx and PHP-FPM to hack. Adobe Creative Cloud Users.

Spyware 41

Spyware Advertising Hacking DDOS 41

Security Affairs

JULY 18, 2019

Based on compilation times, infrastructure, and public distribution of samples – we assess the campaign operated from the second half of 2018 into today (July 2019).” ” The new malware samples analyzed in July 2019 appear to have been rebuild by the group in response to public reporting on the group’s activities.

Malware 61

Malware Software Spyware Advertising 61

Security Affairs

APRIL 25, 2020

Facebook advocates have challenged a plea from spyware maker NSO Group to dismiss the legal dispute over the hacking accusations, arguing it has immunity from prosecution. Now both companies are providing technical details requested by the cyber-security experts. Pierluigi Paganini. SecurityAffairs – Facebook, NSO Group).

Spyware 102

Spyware Surveillance Advertising Mobile 102

Security Affairs

AUGUST 1, 2022

An Australian national has been charged for the creation and sale of the Imminent Monitor (IM) spyware, which was also used for criminal purposes. The 24-year-old Australian national Jacob Wayne John Keen has been charged for his alleged role in the development and sale of spyware known as Imminent Monitor (IM).

Spyware 104

Spyware Malware Cybercrime Hacking 104

BH Consulting

NOVEMBER 15, 2022

He argued that security works when it costs €100,000 for spyware to hack into a politician’s iPhone. Georgia Bafoutsou of ENISA, the EU’s information security agency, called on those attending to amplify messages about security awareness. “Creating exploits for modern operating systems today is hard.

Social Engineering 59

Social Engineering Insurance CISO Ransomware 59

Security Affairs

SEPTEMBER 9, 2019

In 2016, researchers from non-profit organization CitizenLab published a report that describes a campaign of targeted spyware attacks carried by the Stealth Falcon. The attacks have been conducted from 2012 until 2106, against Emirati journalists, activists, and dissidents.

Malware 80

Malware Advertising System Administration Spyware 80